--- a/components/python/pyopenssl/Makefile Sat Jan 14 13:51:41 2017 -0800
+++ b/components/python/pyopenssl/Makefile Fri Jan 13 16:13:25 2017 -0800
@@ -20,21 +20,20 @@
#
#
-# Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2011, 2017, Oracle and/or its affiliates. All rights reserved.
#
include ../../../make-rules/shared-macros.mk
COMPONENT_NAME= pyOpenSSL
-COMPONENT_VERSION= 0.13
+COMPONENT_VERSION= 16.2.0
COMPONENT_SRC= $(COMPONENT_NAME)-$(COMPONENT_VERSION)
COMPONENT_ARCHIVE= $(COMPONENT_SRC).tar.gz
-COMPONENT_ARCHIVE_HASH= \
- sha256:21e12b03abaa0e04ecc8cd9c251598f71bae11c9f385304234e4ea5618c6163b
+COMPONENT_ARCHIVE_HASH= sha256:7779a3bbb74e79db234af6a08775568c6769b5821faecf6e2f4143edb227516e
COMPONENT_ARCHIVE_URL= $(call pypi_url)
COMPONENT_PROJECT_URL= https://launchpad.net/pyopenssl
COMPONENT_BUGDB= python-mod/pyopenssl
-TPNO= 9207
+TPNO= 32834
include $(WS_MAKE_RULES)/prep.mk
include $(WS_MAKE_RULES)/setup.py.mk
@@ -42,21 +41,25 @@
ASLR_MODE = $(ASLR_NOT_APPLICABLE)
-COMPONENT_TEST_DIR = $(COMPONENT_SRC)/OpenSSL/test
-# The .so files are under ./OpenSSL/64 not ./64/OpenSSL so the
-# $(PYTHON_VENDOR_PACKAGES) variable for 64bit Python is wrong.
-# Everything works fine if we just add the 32bit path.
-COMPONENT_TEST_ENV += PYTHONPATH=$(PROTO_DIR)$(PYTHON_VENDOR_PACKAGES.32)
-COMPONENT_TEST_CMD = $(SHELL)
-COMPONENT_TEST_ARGS = $(COMPONENT_DIR)/files/runtests
+# Temporary measure before cryptography gets to official machines.
+# Can be removed after cryptography 1.6 has been installed on all machines.
+# Bug ID: 25394619
+CRYPTOGRAPHY = $(WS_COMPONENTS)/python/cryptography/build/prototype/$(MACH)/$(PYTHON_LIB)
+
+COMPONENT_PRE_TEST_ACTION = $(CP) -r $(COMPONENT_SRC)/tests $(@D)
+# In tests/test_crypto.py::FunctionTests::test_dump_certificate, the serial number line
+# outputs the same hex as the key, so this is a false error.
+# In tests/test_ssl.py::ConnectionTests::test_set_seesion_wrong_method, This test doesn't
+# work for our version of OpenSSL, which is 1.0.2j; this test only supports OpenSSL 1.0.0
+COMPONENT_TEST_DIR = $(@D)
+COMPONENT_TEST_ENV += PYTHONPATH=$(CRYPTOGRAPHY):$(PROTO_DIR)$(PYTHON_VENDOR_PACKAGES):$(PYTHON_VENDOR_PACKAGES)
+# Some tests require unicode characters, otherwise ~17 tests will fail
+COMPONENT_TEST_ENV += LC_ALL=en_US.UTF-8
+COMPONENT_TEST_CMD = py.test-$(PYTHON_VERSION)
+COMPONENT_TEST_ARGS = --result-log=$(COMPONENT_TEST_OUTPUT)
COMPONENT_TEST_MASTER = $(COMPONENT_TEST_RESULTS_DIR)/results-all.master
-# Using nawk for easier test results processing and stripping out the
-# random portions (like time to complete the tests).
-COMPONENT_TEST_TRANSFORMER = $(NAWK)
-COMPONENT_TEST_TRANSFORMS = "'/^Running / { print }; /^ERROR: / { print }; /^FAIL: / { print }; /^Ran / { sub(\" tests in .+s\", \" tests in\"); print }; /^FAILED / { print }; /^OK / { print };'"
-
build: $(BUILD_32_and_64)
install: $(INSTALL_32_and_64)
@@ -65,6 +68,5 @@
system-test: $(SYSTEM_TESTS_NOT_IMPLEMENTED)
-
REQUIRED_PACKAGES += library/security/openssl
REQUIRED_PACKAGES += system/library
--- a/components/python/pyopenssl/files/runtests Sat Jan 14 13:51:41 2017 -0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,7 +0,0 @@
-#!/bin/sh
-# Script to run all the pyopenssl test scripts.
-for f in crypto rand ssl; do
- echo Running test_$f
- python test_$f.py
-done
-
--- a/components/python/pyopenssl/patches/0_no-zip_safe.patch Sat Jan 14 13:51:41 2017 -0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,10 +0,0 @@
---- pyOpenSSL-0.11/setup.py.orig Mon Feb 14 23:17:02 2011
-+++ pyOpenSSL-0.11/setup.py Mon Feb 14 23:17:31 2011
-@@ -203,7 +203,6 @@
- 'OpenSSL.test.test_crypto',
- 'OpenSSL.test.test_rand',
- 'OpenSSL.test.test_ssl'],
-- zip_safe = False,
- cmdclass = {"build_ext": BuildExtension},
- description = 'Python wrapper module around the OpenSSL library',
- author = 'Martin Sjögren, AB Strakt',
--- a/components/python/pyopenssl/patches/1_CVE-2013-4073.patch Sat Jan 14 13:51:41 2017 -0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,201 +0,0 @@
-#
-# This patch contains the fixes for CVE-2013-4073 (NULL bytes in subjectAltName
-# not correctly interpreted).
-# The patch was taken from:
-# https://code.launchpad.net/~heimes/pyopenssl/pyopenssl/+merge/179673
-# and modified to fit the the 0.13 release code (original fix was based off tip
-# code in pyopenssl repo).
-#
---- pyOpenSSL-0.13/ChangeLog 2011-09-02 08:46:13.000000000 -0700
-+++ pyOpenSSL-0.13/ChangeLog 2013-08-26 14:40:43.941191227 -0700
-@@ -1,3 +1,9 @@
-+2013-08-11 Christian Heimes <[email protected]>
-+
-+ * OpenSSL/crypto/x509ext.c: Fix handling of NULL bytes inside
-+ subjectAltName general names, CVE-2013-4073.
-+ * OpenSSL/crypto/x509.c: Fix memory leak in get_extension().
-+
- 2011-09-02 Jean-Paul Calderone <[email protected]>
-
- * Release 0.13
---- pyOpenSSL-0.13/OpenSSL/crypto/x509.c 2011-09-02 08:46:13.000000000 -0700
-+++ pyOpenSSL-0.13/OpenSSL/crypto/x509.c 2013-08-26 14:41:34.379545946 -0700
-@@ -756,6 +756,7 @@
-
- extobj = PyObject_New(crypto_X509ExtensionObj, &crypto_X509Extension_Type);
- extobj->x509_extension = X509_EXTENSION_dup(ext);
-+ extobj->dealloc = 1;
-
- return (PyObject*)extobj;
- }
---- pyOpenSSL-0.13/OpenSSL/crypto/x509ext.c 2011-09-02 08:46:13.000000000 -0700
-+++ pyOpenSSL-0.13/OpenSSL/crypto/x509ext.c 2013-08-26 14:53:08.501972021 -0700
-@@ -236,6 +236,75 @@
- PyObject_Del(self);
- }
-
-+
-+/* Special handling of subjectAltName, see CVE-2013-4073 */
-+
-+int
-+crypto_X509Extension_str_san(crypto_X509ExtensionObj *self, BIO *bio)
-+{
-+ GENERAL_NAMES *names;
-+ const X509V3_EXT_METHOD *method = NULL;
-+ long i, length, num;
-+ const unsigned char *p;
-+
-+ method = X509V3_EXT_get(self->x509_extension);
-+ if (method == NULL) {
-+ return -1;
-+ }
-+
-+ p = self->x509_extension->value->data;
-+ length = self->x509_extension->value->length;
-+ if (method->it) {
-+ names = (GENERAL_NAMES*)(ASN1_item_d2i(NULL, &p, length,
-+ ASN1_ITEM_ptr(method->it)));
-+ }
-+ else {
-+ names = (GENERAL_NAMES*)(method->d2i(NULL, &p, length));
-+ }
-+ if (names == NULL) {
-+ return -1;
-+ }
-+
-+ num = sk_GENERAL_NAME_num(names);
-+ for (i = 0; i < num; i++) {
-+ GENERAL_NAME *name;
-+ ASN1_STRING *as;
-+ name = sk_GENERAL_NAME_value(names, i);
-+ switch (name->type) {
-+ case GEN_EMAIL:
-+ BIO_puts(bio, "email:");
-+ as = name->d.rfc822Name;
-+ BIO_write(bio, ASN1_STRING_data(as),
-+ ASN1_STRING_length(as));
-+ break;
-+ case GEN_DNS:
-+ BIO_puts(bio, "DNS:");
-+ as = name->d.dNSName;
-+ BIO_write(bio, ASN1_STRING_data(as),
-+ ASN1_STRING_length(as));
-+ break;
-+ case GEN_URI:
-+ BIO_puts(bio, "URI:");
-+ as = name->d.uniformResourceIdentifier;
-+ BIO_write(bio, ASN1_STRING_data(as),
-+ ASN1_STRING_length(as));
-+ break;
-+ default:
-+ /* use builtin print for GEN_OTHERNAME, GEN_X400,
-+ * GEN_EDIPARTY, GEN_DIRNAME, GEN_IPADD and GEN_RID
-+ */
-+ GENERAL_NAME_print(bio, name);
-+ }
-+ /* trailing ', ' except for last element */
-+ if (i < (num - 1)) {
-+ BIO_puts(bio, ", ");
-+ }
-+ }
-+ sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
-+
-+ return 0;
-+}
-+
- /*
- * Print a nice text representation of the certificate request.
- */
-@@ -247,7 +316,14 @@
- PyObject *str;
- BIO *bio = BIO_new(BIO_s_mem());
-
-- if (!X509V3_EXT_print(bio, self->x509_extension, 0, 0))
-+ if (OBJ_obj2nid(self->x509_extension->object) == NID_subject_alt_name) {
-+ if (crypto_X509Extension_str_san(self, bio) == -1) {
-+ BIO_free(bio);
-+ exception_from_error_queue(crypto_Error);
-+ return NULL;
-+ }
-+ }
-+ else if (!X509V3_EXT_print(bio, self->x509_extension, 0, 0))
- {
- BIO_free(bio);
- exception_from_error_queue(crypto_Error);
---- pyOpenSSL-0.13/OpenSSL/test/test_crypto.py 2011-09-02 08:46:13.000000000 -0700
-+++ pyOpenSSL-0.13/OpenSSL/test/test_crypto.py 2013-08-26 14:57:06.933614387 -0700
-@@ -265,6 +265,37 @@
- -----END RSA PRIVATE KEY-----
- """)
-
-+# certificate with NULL bytes in subjectAltName and common name
-+
-+nullbyte_san_PEM = b("""-----BEGIN CERTIFICATE-----
-+MIIE2DCCA8CgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBxTELMAkGA1UEBhMCVVMx
-+DzANBgNVBAgMBk9yZWdvbjESMBAGA1UEBwwJQmVhdmVydG9uMSMwIQYDVQQKDBpQ
-+eXRob24gU29mdHdhcmUgRm91bmRhdGlvbjEgMB4GA1UECwwXUHl0aG9uIENvcmUg
-+RGV2ZWxvcG1lbnQxJDAiBgNVBAMMG251bGwucHl0aG9uLm9yZwBleGFtcGxlLm9y
-+ZzEkMCIGCSqGSIb3DQEJARYVcHl0aG9uLWRldkBweXRob24ub3JnMB4XDTEzMDgw
-+NzEzMTE1MloXDTEzMDgwNzEzMTI1MlowgcUxCzAJBgNVBAYTAlVTMQ8wDQYDVQQI
-+DAZPcmVnb24xEjAQBgNVBAcMCUJlYXZlcnRvbjEjMCEGA1UECgwaUHl0aG9uIFNv
-+ZnR3YXJlIEZvdW5kYXRpb24xIDAeBgNVBAsMF1B5dGhvbiBDb3JlIERldmVsb3Bt
-+ZW50MSQwIgYDVQQDDBtudWxsLnB5dGhvbi5vcmcAZXhhbXBsZS5vcmcxJDAiBgkq
-+hkiG9w0BCQEWFXB5dGhvbi1kZXZAcHl0aG9uLm9yZzCCASIwDQYJKoZIhvcNAQEB
-+BQADggEPADCCAQoCggEBALXq7cn7Rn1vO3aA3TrzA5QLp6bb7B3f/yN0CJ2XFj+j
-+pHs+Gw6WWSUDpybiiKnPec33BFawq3kyblnBMjBU61ioy5HwQqVkJ8vUVjGIUq3P
-+vX/wBmQfzCe4o4uM89gpHyUL9UYGG8oCRa17dgqcv7u5rg0Wq2B1rgY+nHwx3JIv
-+KRrgSwyRkGzpN8WQ1yrXlxWjgI9de0mPVDDUlywcWze1q2kwaEPTM3hLAmD1PESA
-+oY/n8A/RXoeeRs9i/Pm/DGUS8ZPINXk/yOzsR/XvvkTVroIeLZqfmFpnZeF0cHzL
-+08LODkVJJ9zjLdT7SA4vnne4FEbAxDbKAq5qkYzaL4UCAwEAAaOB0DCBzTAMBgNV
-+HRMBAf8EAjAAMB0GA1UdDgQWBBSIWlXAUv9hzVKjNQ/qWpwkOCL3XDALBgNVHQ8E
-+BAMCBeAwgZAGA1UdEQSBiDCBhYIeYWx0bnVsbC5weXRob24ub3JnAGV4YW1wbGUu
-+Y29tgSBudWxsQHB5dGhvbi5vcmcAdXNlckBleGFtcGxlLm9yZ4YpaHR0cDovL251
-+bGwucHl0aG9uLm9yZwBodHRwOi8vZXhhbXBsZS5vcmeHBMAAAgGHECABDbgAAAAA
-+AAAAAAAAAAEwDQYJKoZIhvcNAQEFBQADggEBAKxPRe99SaghcI6IWT7UNkJw9aO9
-+i9eo0Fj2MUqxpKbdb9noRDy2CnHWf7EIYZ1gznXPdwzSN4YCjV5d+Q9xtBaowT0j
-+HPERs1ZuytCNNJTmhyqZ8q6uzMLoht4IqH/FBfpvgaeC5tBTnTT0rD5A/olXeimk
-+kX4LxlEx5RAvpGB2zZVRGr6LobD9rVK91xuHYNIxxxfEGE8tCCWjp0+3ksri9SXx
-+VHWBnbM9YaL32u3hxm8sYB/Yb8WSBavJCWJJqRStVRHM1koZlJmXNx2BX4vPo6iW
-+RFEIPQsFZRLrtnCAiEhyT8bC2s/Njlu6ly9gtJZWSV46Q3ZjBL4q9sHKqZQ=
-+-----END CERTIFICATE-----""")
-+
-
- class X509ExtTests(TestCase):
- """
-@@ -1382,6 +1413,36 @@
- self.assertRaises(TypeError, cert.get_extension, "hello")
-
-
-+ def test_nullbyte_san(self):
-+ """
-+ Test correct handling of CN and SAN with NULL bytes
-+
-+ see CVE-2013-4073
-+ """
-+ cert = load_certificate(FILETYPE_PEM, nullbyte_san_PEM)
-+ subject = cert.get_subject()
-+ self.assertEqual(subject.CN, 'null.python.org\x00example.org')
-+ issuer = cert.get_issuer()
-+ self.assertEqual(issuer.CN, 'null.python.org\x00example.org')
-+
-+ ext = cert.get_extension(0)
-+ self.assertEqual(ext.get_short_name(), b('basicConstraints'))
-+
-+ ext = cert.get_extension(1)
-+ self.assertEqual(ext.get_short_name(), b('subjectKeyIdentifier'))
-+
-+ ext = cert.get_extension(2)
-+ self.assertEqual(ext.get_short_name(), b('keyUsage'))
-+
-+ ext = cert.get_extension(3)
-+ self.assertEqual(ext.get_short_name(), b('subjectAltName'))
-+ self.assertEqual(str(ext),
-+ 'DNS:altnull.python.org\x00example.com, '
-+ 'email:[email protected]\[email protected], '
-+ 'URI:http://null.python.org\x00http://example.org, '
-+ 'IP Address:192.0.2.1, IP Address:2001:DB8:0:0:0:0:0:1\n')
-+
-+
- def test_invalid_digest_algorithm(self):
- """
- L{X509.digest} raises L{ValueError} if called with an unrecognized hash
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/python/pyopenssl/patches/1_test.patch Fri Jan 13 16:13:25 2017 -0800
@@ -0,0 +1,17 @@
+This patch disables the test set default verify paths, which tries to connect
+to an external server. This tries to connect using s_client, which does
+not work within OWAN, even if proxy vaeriables are set.
+
+--- pyOpenSSL-16.2.0/tests/test_ssl.py.~1~ 2016-10-15 06:15:43.000000000 +0000
++++ pyOpenSSL-16.2.0/tests/test_ssl.py 2017-01-13 15:51:01.552602423 +0000
+@@ -1183,6 +1183,10 @@
+ reason="set_default_verify_paths appears not to work on Windows. "
+ "See LP#404343 and LP#404344."
+ )
++ @pytest.mark.skipif(
++ True,
++ reason="This test doesn't work within OWAN, even with proxy set"
++ )
+ def test_set_default_verify_paths(self):
+ """
+ :py:obj:`Context.set_default_verify_paths` causes the
--- a/components/python/pyopenssl/patches/2_tests.patch Sat Jan 14 13:51:41 2017 -0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,41 +0,0 @@
-#
-# This patch disables two tests which either don't work or might not work if
-# your network is not setup in a certain way.
-#
-# The FILETYPE_TEXT dumping mechanism does not print the serial version of
-# the certificate so this test fails. Not sure if that test always fails or
-# only on Solaris. Since the output of FILETYPE_TEXT does not really look like
-# a commited interface anyway the test is disabled.
-#
-# The test_set_default_verify_paths() test case tries to connect to
-# versign.com using s_client. This does not seem to work within OWAN, even if
-# your proxy variables are set. Furthermore, it's probably not a good idea to
-# contact external servers for a test case anyway.
-#
---- pyOpenSSL-0.13/OpenSSL/test/test_crypto.py 2013-08-26 14:57:06.933614387 -0700
-+++ pyOpenSSL-0.13/OpenSSL/test/test_crypto.py 2013-08-26 15:04:14.951459483 -0700
-@@ -2165,9 +2165,10 @@
- cert2 = load_certificate(FILETYPE_ASN1, dumped_der)
- dumped_pem2 = dump_certificate(FILETYPE_PEM, cert2)
- self.assertEqual(dumped_pem2, cleartextCertificatePEM)
-- dumped_text = dump_certificate(FILETYPE_TEXT, cert)
-- good_text = _runopenssl(dumped_pem, "x509", "-noout", "-text")
-- self.assertEqual(dumped_text, good_text)
-+ # FILETYPE_TEXT does not seem to work in Solaris.
-+ #dumped_text = dump_certificate(FILETYPE_TEXT, cert)
-+ #good_text = _runopenssl(dumped_pem, "x509", "-noout", "-text")
-+ #self.assertEqual(dumped_text, good_text)
-
-
- def test_dump_privatekey(self):
---- pyOpenSSL-0.13/OpenSSL/test/test_ssl.py 2011-09-02 08:46:13.000000000 -0700
-+++ pyOpenSSL-0.13/OpenSSL/test/test_ssl.py 2013-08-26 15:04:14.950915143 -0700
-@@ -648,6 +648,8 @@
- if platform == "win32":
- "set_default_verify_paths appears not to work on Windows. "
- "See LP#404343 and LP#404344."
-+ if True:
-+ "Test connects to external server, skip"
- else:
- def test_set_default_verify_paths(self):
- """
--- a/components/python/pyopenssl/patches/3_add_if.patch Sat Jan 14 13:51:41 2017 -0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,316 +0,0 @@
-#
-# This patch adds a few more interfaces to OpenSSL functions required for IPS.
-# The additional interfaces are:
-# pyOpenSSL -> OpenSSL
-# crypto.CRL.verify() X509_CRL_verify()
-# crypto.CRL.get_issuer() X509_CRL_get_issuer()
-# crypto.CRL.get_next_update() X509_CRL_get_nextUpdate()
-# crypto.X509.verify() X509_verify()
-# crypto.X509.check_ca() X509_check_ca()
-#
-# The patch also adds test cases to the pyOpenSSL test suite for the added
-# functions.
-#
---- pyOpenSSL-0.13/OpenSSL/crypto/crl.c 2013-08-26 15:04:14.949389722 -0700
-+++ pyOpenSSL-0.13/OpenSSL/crypto/crl.c 2013-08-26 15:05:00.183031221 -0700
-@@ -180,6 +180,84 @@
- return buffer;
- }
-
-+static char crypto_CRL_verify_doc[] = "\n\
-+Verifies the CRL using the supplied public key\n\
-+\n\
-+@param key: a public key\n\
-+@type key: L{PKey}\n\
-+@return: True if the signature is correct.\n\
-+@raise OpenSSL.crypto.Error: If the signature is invalid or there is a\n\
-+ problem verifying the signature.\n\
-+";
-+
-+PyObject *
-+crypto_CRL_verify(crypto_CRLObj *self, PyObject *args)
-+{
-+ PyObject *obj;
-+ crypto_PKeyObj *key;
-+ int answer;
-+
-+ if (!PyArg_ParseTuple(args, "O!:verify", &crypto_PKey_Type, &obj)) {
-+ return NULL;
-+ }
-+
-+ key = (crypto_PKeyObj *)obj;
-+
-+ if ((answer = X509_CRL_verify(self->crl, key->pkey)) <= 0) {
-+ exception_from_error_queue(crypto_Error);
-+ return NULL;
-+ }
-+
-+ return PyLong_FromLong(answer);
-+}
-+
-+static char crypto_CRL_get_issuer_doc[] = "\n\
-+Create an X509Name object for the issuer of the certificate\n\
-+\n\
-+@return: An X509Name object\n\
-+";
-+
-+static PyObject *
-+crypto_CRL_get_issuer(crypto_CRLObj *self, PyObject *args)
-+{
-+ crypto_X509NameObj *pyname;
-+ X509_NAME *name;
-+
-+ if (!PyArg_ParseTuple(args, ":get_issuer"))
-+ return NULL;
-+
-+ name = X509_CRL_get_issuer(self->crl);
-+ pyname = crypto_X509Name_New(name, 0);
-+ if (pyname != NULL)
-+ {
-+ pyname->parent_cert = (PyObject *)self;
-+ Py_INCREF(self);
-+ }
-+ return (PyObject *)pyname;
-+}
-+
-+static char crypto_CRL_get_nextUpdate_doc[] = "\n\
-+Retrieve the time stamp for when the CRL gets its next update\n\
-+\n\
-+@return: A string giving the timestamp, in the format:\n\
-+\n\
-+ YYYYMMDDhhmmssZ\n\
-+ YYYYMMDDhhmmss+hhmm\n\
-+ YYYYMMDDhhmmss-hhmm\n\
-+ or None if there is no value set.\n\
-+";
-+
-+static PyObject*
-+crypto_CRL_get_nextUpdate(crypto_CRLObj *self, PyObject *args)
-+{
-+ /*
-+ * X509_CRL_get_nextUpdate returns a borrowed reference.
-+ */
-+ return _get_asn1_time(
-+ ":get_nextUpdate", X509_CRL_get_nextUpdate(self->crl), args);
-+}
-+
-+
- crypto_CRLObj *
- crypto_CRL_New(X509_CRL *crl) {
- crypto_CRLObj *self;
-@@ -205,6 +283,9 @@
- ADD_KW_METHOD(add_revoked),
- ADD_METHOD(get_revoked),
- ADD_KW_METHOD(export),
-+ ADD_KW_METHOD(verify),
-+ ADD_KW_METHOD(get_issuer),
-+ ADD_KW_METHOD(get_nextUpdate),
- { NULL, NULL }
- };
- #undef ADD_METHOD
---- pyOpenSSL-0.13/OpenSSL/crypto/x509.c 2013-08-26 15:04:14.943271276 -0700
-+++ pyOpenSSL-0.13/OpenSSL/crypto/x509.c 2013-08-26 15:05:00.183501160 -0700
-@@ -761,6 +761,57 @@
- return (PyObject*)extobj;
- }
-
-+static char crypto_X509_verify_doc[] = "\n\
-+Verifies the certificate using the supplied public key\n\
-+\n\
-+@param key: a public key\n\
-+@type key: L{PKey}\n\
-+@return: True if the signature is correct.\n\
-+@raise OpenSSL.crypto.Error: If the signature is invalid or there is a\n\
-+ problem verifying the signature.\n\
-+";
-+
-+PyObject *
-+crypto_X509_verify(crypto_X509Obj *self, PyObject *args)
-+{
-+ PyObject *obj;
-+ crypto_PKeyObj *key;
-+ int answer;
-+
-+ if (!PyArg_ParseTuple(args, "O!:verify", &crypto_PKey_Type, &obj)) {
-+ return NULL;
-+ }
-+
-+ key = (crypto_PKeyObj *)obj;
-+
-+ if ((answer = X509_verify(self->x509, key->pkey)) <= 0) {
-+ exception_from_error_queue(crypto_Error);
-+ return NULL;
-+ }
-+
-+ return PyLong_FromLong(answer);
-+}
-+
-+
-+static char crypto_X509_check_ca_doc[] = "\n\
-+Checks if the certificate is a CA\n\
-+\n\
-+@return: 0 if not a CA, >0 if a CA\n\
-+";
-+
-+PyObject *
-+crypto_X509_check_ca(crypto_X509Obj *self, PyObject *args)
-+{
-+ int answer;
-+
-+ if (!PyArg_ParseTuple(args, ":check_ca"))
-+ return NULL;
-+
-+ answer = X509_check_ca(self->x509);
-+
-+ return PyLong_FromLong(answer);
-+}
-+
- /*
- * ADD_METHOD(name) expands to a correct PyMethodDef declaration
- * { 'name', (PyCFunction)crypto_X509_name, METH_VARARGS }
-@@ -794,6 +845,8 @@
- ADD_METHOD(add_extensions),
- ADD_METHOD(get_extension),
- ADD_METHOD(get_extension_count),
-+ ADD_METHOD(verify),
-+ ADD_METHOD(check_ca),
- { NULL, NULL }
- };
- #undef ADD_METHOD
---- pyOpenSSL-0.13/OpenSSL/test/test_crypto.py 2013-08-26 15:04:14.951459483 -0700
-+++ pyOpenSSL-0.13/OpenSSL/test/test_crypto.py 2013-08-26 15:14:40.335995703 -0700
-@@ -1090,6 +1090,18 @@
- WpOdIpB8KksUTCzV591Nr1wd
- -----END CERTIFICATE-----
- """
-+ def setUp(self):
-+ # create new CA
-+ self.ca_key = PKey()
-+ self.ca_key.generate_key(TYPE_RSA, 384)
-+
-+ self.ca = X509()
-+ self.ca.get_subject().commonName = "Yoda root CA"
-+ self.ca.set_issuer(self.ca.get_subject())
-+ self.ca.set_pubkey(self.ca_key)
-+ self.ca.sign(self.ca_key, "sha1")
-+
-+
- def signable(self):
- """
- Create and return a new L{X509}.
-@@ -1620,6 +1632,51 @@
- self.assertRaises(ValueError, cert.get_signature_algorithm)
-
-
-+ def test_key_verify(self):
-+ """
-+ L{X509.verify} succeeds when passed a valid CA key, raises
-+ L{OpenSSL.crypto.Error} otherwise.
-+ """
-+ key = PKey()
-+ key.generate_key(TYPE_RSA, 384)
-+ req = X509Req()
-+ req.get_subject().commonName = "Master Luke"
-+ req.set_pubkey(key)
-+ req.sign(key, "sha1")
-+ cert = X509()
-+ cert.set_subject(req.get_subject())
-+ cert.set_pubkey(key)
-+ cert.set_issuer(self.ca.get_subject())
-+ cert.sign(self.ca_key, "sha1")
-+
-+ self.assertTrue(cert.verify(self.ca_key))
-+ self.assertRaises(Error, cert.verify, key)
-+
-+
-+ def test_is_ca(self):
-+ """
-+ L{X509.check_ca} returns a value >0 if certificate is a CA, returns 0
-+ if not.
-+ """
-+ res = self.ca.check_ca()
-+ self.assertTrue(res > 0)
-+
-+ # Try with a non-ca cert
-+ key = PKey()
-+ key.generate_key(TYPE_RSA, 384)
-+ req = X509Req()
-+ req.get_subject().commonName = "Master Luke"
-+ req.set_pubkey(key)
-+ req.sign(key, "sha1")
-+ cert = X509()
-+ cert.set_subject(req.get_subject())
-+ cert.set_pubkey(key)
-+ cert.set_issuer(self.ca.get_subject())
-+ cert.sign(self.ca_key, "sha1")
-+ res = cert.check_ca()
-+ self.assertEqual(res, 0)
-+
-+
-
- class PKCS12Tests(TestCase):
- """
-@@ -2521,6 +2578,18 @@
- cert = load_certificate(FILETYPE_PEM, cleartextCertificatePEM)
- pkey = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM)
-
-+ def setUp(self):
-+ # create new CA
-+ self.ca_key = PKey()
-+ self.ca_key.generate_key(TYPE_RSA, 384)
-+
-+ self.ca = X509()
-+ self.ca.get_subject().commonName = "Yoda root CA"
-+ self.ca.set_issuer(self.ca.get_subject())
-+ self.ca.set_pubkey(self.ca_key)
-+ self.ca.sign(self.ca_key, "sha1")
-+
-+
- def test_construction(self):
- """
- Confirm we can create L{OpenSSL.crypto.CRL}. Check
-@@ -2712,6 +2781,44 @@
- self.assertRaises(Error, load_crl, FILETYPE_PEM, "hello, world")
-
-
-+ def test_crl_verify(self):
-+ """
-+ Test that L{OpenSSL.CRL.verify} correctly verifies CRL with the
-+ pubkey of the issuing CA, raises L{OpenSSL.crypto.Error} in case of
-+ bogus key.
-+ """
-+ s = CRL().export(self.ca, self.ca_key)
-+ crl = load_crl(FILETYPE_PEM, s)
-+ res = crl.verify(self.ca_key)
-+ self.assertTrue(res)
-+
-+ boguskey = PKey()
-+ boguskey.generate_key(TYPE_RSA, 384)
-+ self.assertRaises(Error, crl.verify, boguskey)
-+
-+
-+ def test_crl_get_issuer(self):
-+ """
-+ Test that L{OpenSSL.CRL.get_issuer} returns a L{OpenSSL.X509Name} object
-+ with the correct issuer information.
-+ """
-+ s = CRL().export(self.ca, self.ca_key)
-+ crl = load_crl(FILETYPE_PEM, s)
-+ issuer = crl.get_issuer()
-+ self.assertTrue(isinstance(issuer, X509Name))
-+ self.assertTrue(issuer.commonName == self.ca.get_subject().commonName)
-+
-+
-+ def test_crl_get_nextUpdate(self):
-+ """
-+ Test that L{OpenSSL.CRL.get_nextUpdate} returns the correct date and
-+ time of next update.
-+ """
-+ crl = load_crl(FILETYPE_PEM, crlData)
-+ self.assertEqual(crl.get_nextUpdate(), "20120927024152Z")
-+
-+
-+
- class SignVerifyTests(TestCase):
- """
- Tests for L{OpenSSL.crypto.sign} and L{OpenSSL.crypto.verify}.
--- a/components/python/pyopenssl/pyopenssl-PYVER.p5m Sat Jan 14 13:51:41 2017 -0800
+++ b/components/python/pyopenssl/pyopenssl-PYVER.p5m Fri Jan 13 16:13:25 2017 -0800
@@ -20,7 +20,7 @@
#
#
-# Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2011, 2017, Oracle and/or its affiliates. All rights reserved.
#
set name=pkg.fmri \
@@ -38,21 +38,18 @@
set name=org.opensolaris.arc-caseid value=PSARC/2009/176
set name=org.opensolaris.consolidation value=$(CONSOLIDATION)
#
-file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/64/SSL.so
-file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/64/crypto.so
-file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/64/rand.so
-file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/SSL.so
+file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/SSL.py
file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/__init__.py
-file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/crypto.so
-file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/rand.so
-file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/test/__init__.py
-file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/test/test_crypto.py
-file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/test/test_rand.py
-file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/test/test_ssl.py
-file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/test/util.py
+file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/_util.py
+file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/crypto.py
+file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/rand.py
file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/tsafe.py
file path=usr/lib/python$(PYVER)/vendor-packages/OpenSSL/version.py
-file path=usr/lib/python$(PYVER)/vendor-packages/pyOpenSSL-$(COMPONENT_VERSION)-py$(PYVER).egg-info
+file path=usr/lib/python$(PYVER)/vendor-packages/pyOpenSSL-$(COMPONENT_VERSION)-py$(PYVER).egg-info/PKG-INFO
+file path=usr/lib/python$(PYVER)/vendor-packages/pyOpenSSL-$(COMPONENT_VERSION)-py$(PYVER).egg-info/SOURCES.txt
+file path=usr/lib/python$(PYVER)/vendor-packages/pyOpenSSL-$(COMPONENT_VERSION)-py$(PYVER).egg-info/dependency_links.txt
+file path=usr/lib/python$(PYVER)/vendor-packages/pyOpenSSL-$(COMPONENT_VERSION)-py$(PYVER).egg-info/requires.txt
+file path=usr/lib/python$(PYVER)/vendor-packages/pyOpenSSL-$(COMPONENT_VERSION)-py$(PYVER).egg-info/top_level.txt
#
license LICENSE license=Apache2
--- a/components/python/pyopenssl/test/results-all.master Sat Jan 14 13:51:41 2017 -0800
+++ b/components/python/pyopenssl/test/results-all.master Fri Jan 13 16:13:25 2017 -0800
@@ -1,10 +1,616 @@
-Running test_crypto
-ERROR: test_extension_count (__main__.X509Tests)
-ERROR: test_get_extension (__main__.X509Tests)
-FAIL: test_der (__main__.X509NameTests)
-FAIL: test_digest (__main__.X509Tests)
-Ran 168 tests in
-FAILED (failures=2, errors=2)
-Running test_rand
-Ran 15 tests in
-Running test_ssl
+. lib/OpenSSL/SSL.py::pep8
+. lib/OpenSSL/SSL.py::pyflakes
+. lib/OpenSSL/__init__.py::pep8
+. lib/OpenSSL/__init__.py::pyflakes
+. lib/OpenSSL/_util.py::pep8
+. lib/OpenSSL/_util.py::pyflakes
+. lib/OpenSSL/crypto.py::pep8
+. lib/OpenSSL/crypto.py::pyflakes
+. lib/OpenSSL/rand.py::pep8
+. lib/OpenSSL/rand.py::pyflakes
+. lib/OpenSSL/tsafe.py::pep8
+. lib/OpenSSL/tsafe.py::pyflakes
+. lib/OpenSSL/version.py::pep8
+. lib/OpenSSL/version.py::pyflakes
+. tests/__init__.py::pep8
+. tests/__init__.py::pyflakes
+. tests/conftest.py::pep8
+. tests/conftest.py::pyflakes
+. tests/memdbg.py::pep8
+. tests/memdbg.py::pyflakes
+. tests/test_crypto.py::pep8
+. tests/test_crypto.py::pyflakes
+. tests/test_crypto.py::X509ExtTests::test_construction
+. tests/test_crypto.py::X509ExtTests::test_get_critical
+. tests/test_crypto.py::X509ExtTests::test_get_data
+. tests/test_crypto.py::X509ExtTests::test_get_data_wrong_args
+. tests/test_crypto.py::X509ExtTests::test_get_short_name
+. tests/test_crypto.py::X509ExtTests::test_invalid_extension
+. tests/test_crypto.py::X509ExtTests::test_invalid_issuer
+. tests/test_crypto.py::X509ExtTests::test_invalid_subject
+. tests/test_crypto.py::X509ExtTests::test_issuer
+. tests/test_crypto.py::X509ExtTests::test_missing_issuer
+. tests/test_crypto.py::X509ExtTests::test_missing_subject
+. tests/test_crypto.py::X509ExtTests::test_str
+. tests/test_crypto.py::X509ExtTests::test_subject
+. tests/test_crypto.py::X509ExtTests::test_type
+. tests/test_crypto.py::X509ExtTests::test_unused_issuer
+. tests/test_crypto.py::X509ExtTests::test_unused_subject
+. tests/test_crypto.py::TestPKey::()::test_convert_from_cryptography_private_key
+. tests/test_crypto.py::TestPKey::()::test_convert_from_cryptography_public_key
+. tests/test_crypto.py::TestPKey::()::test_convert_from_cryptography_unsupported_type
+. tests/test_crypto.py::TestPKey::()::test_convert_public_pkey_to_cryptography_key
+. tests/test_crypto.py::TestPKey::()::test_convert_private_pkey_to_cryptography_key
+. tests/test_crypto.py::PKeyTests::test_check_public_key
+. tests/test_crypto.py::PKeyTests::test_check_wrong_args
+. tests/test_crypto.py::PKeyTests::test_construction
+. tests/test_crypto.py::PKeyTests::test_dsaGeneration
+. tests/test_crypto.py::PKeyTests::test_failedGeneration
+. tests/test_crypto.py::PKeyTests::test_inconsistentKey
+. tests/test_crypto.py::PKeyTests::test_pregeneration
+. tests/test_crypto.py::PKeyTests::test_regeneration
+. tests/test_crypto.py::PKeyTests::test_rsaGeneration
+. tests/test_crypto.py::PKeyTests::test_type
+. tests/test_crypto.py::X509NameTests::test_attributes
+. tests/test_crypto.py::X509NameTests::test_comparison
+. tests/test_crypto.py::X509NameTests::test_copy
+. tests/test_crypto.py::X509NameTests::test_der
+. tests/test_crypto.py::X509NameTests::test_get_components
+. tests/test_crypto.py::X509NameTests::test_hash
+. tests/test_crypto.py::X509NameTests::test_load_nul_byte_attribute
+. tests/test_crypto.py::X509NameTests::test_onlyStringAttributes
+. tests/test_crypto.py::X509NameTests::test_repr
+. tests/test_crypto.py::X509NameTests::test_setAttributeFailure
+. tests/test_crypto.py::X509NameTests::test_setInvalidAttribute
+. tests/test_crypto.py::X509NameTests::test_type
+. tests/test_crypto.py::X509ReqTests::test_add_extensions
+. tests/test_crypto.py::X509ReqTests::test_add_extensions_wrong_args
+. tests/test_crypto.py::X509ReqTests::test_construction
+. tests/test_crypto.py::X509ReqTests::test_get_extensions
+. tests/test_crypto.py::X509ReqTests::test_get_subject
+. tests/test_crypto.py::X509ReqTests::test_get_subject_wrong_args
+. tests/test_crypto.py::X509ReqTests::test_sign
+. tests/test_crypto.py::X509ReqTests::test_signWithPublicKey
+. tests/test_crypto.py::X509ReqTests::test_signWithUngenerated
+. tests/test_crypto.py::X509ReqTests::test_signWithUnknownDigest
+. tests/test_crypto.py::X509ReqTests::test_type
+. tests/test_crypto.py::X509ReqTests::test_verify_success
+. tests/test_crypto.py::X509ReqTests::test_verify_uninitialized_key
+. tests/test_crypto.py::X509ReqTests::test_verify_wrong_args
+. tests/test_crypto.py::X509ReqTests::test_verify_wrong_key
+. tests/test_crypto.py::X509ReqTests::test_version
+. tests/test_crypto.py::X509ReqTests::test_version_wrong_args
+. tests/test_crypto.py::X509Tests::test_construction
+. tests/test_crypto.py::X509Tests::test_digest
+. tests/test_crypto.py::X509Tests::test_extension_count
+. tests/test_crypto.py::X509Tests::test_get_extension
+. tests/test_crypto.py::X509Tests::test_get_issuer
+. tests/test_crypto.py::X509Tests::test_get_issuer_wrong_args
+. tests/test_crypto.py::X509Tests::test_get_notAfter
+. tests/test_crypto.py::X509Tests::test_get_notBefore
+. tests/test_crypto.py::X509Tests::test_get_pubkey_uninitialized
+. tests/test_crypto.py::X509Tests::test_get_serial_number_wrong_args
+. tests/test_crypto.py::X509Tests::test_get_signature_algorithm
+. tests/test_crypto.py::X509Tests::test_get_subject
+. tests/test_crypto.py::X509Tests::test_get_subject_wrong_args
+. tests/test_crypto.py::X509Tests::test_get_undefined_signature_algorithm
+. tests/test_crypto.py::X509Tests::test_get_version_wrong_args
+. tests/test_crypto.py::X509Tests::test_gmtime_adj_notAfter
+. tests/test_crypto.py::X509Tests::test_gmtime_adj_notAfter_wrong_args
+. tests/test_crypto.py::X509Tests::test_gmtime_adj_notBefore
+. tests/test_crypto.py::X509Tests::test_gmtime_adj_notBefore_wrong_args
+. tests/test_crypto.py::X509Tests::test_has_expired
+. tests/test_crypto.py::X509Tests::test_has_expired_wrong_args
+. tests/test_crypto.py::X509Tests::test_has_not_expired
+. tests/test_crypto.py::X509Tests::test_invalid_digest_algorithm
+. tests/test_crypto.py::X509Tests::test_nullbyte_subjectAltName
+. tests/test_crypto.py::X509Tests::test_root_has_not_expired
+. tests/test_crypto.py::X509Tests::test_serial_number
+. tests/test_crypto.py::X509Tests::test_set_issuer
+. tests/test_crypto.py::X509Tests::test_set_issuer_wrong_args
+. tests/test_crypto.py::X509Tests::test_set_notAfter
+. tests/test_crypto.py::X509Tests::test_set_notBefore
+. tests/test_crypto.py::X509Tests::test_set_pubkey_wrong_type
+. tests/test_crypto.py::X509Tests::test_set_subject
+. tests/test_crypto.py::X509Tests::test_set_subject_wrong_args
+. tests/test_crypto.py::X509Tests::test_set_version_wrong_args
+. tests/test_crypto.py::X509Tests::test_sign
+. tests/test_crypto.py::X509Tests::test_signWithPublicKey
+. tests/test_crypto.py::X509Tests::test_signWithUngenerated
+. tests/test_crypto.py::X509Tests::test_signWithUnknownDigest
+. tests/test_crypto.py::X509Tests::test_sign_bad_pubkey_type
+. tests/test_crypto.py::X509Tests::test_subject_name_hash
+. tests/test_crypto.py::X509Tests::test_subject_name_hash_wrong_args
+. tests/test_crypto.py::X509Tests::test_type
+. tests/test_crypto.py::X509Tests::test_version
+. tests/test_crypto.py::X509StoreTests::test_add_cert
+. tests/test_crypto.py::X509StoreTests::test_add_cert_rejects_duplicate
+. tests/test_crypto.py::X509StoreTests::test_add_cert_wrong_args
+. tests/test_crypto.py::X509StoreTests::test_type
+. tests/test_crypto.py::PKCS12Tests::test_cert_only
+. tests/test_crypto.py::PKCS12Tests::test_empty_construction
+. tests/test_crypto.py::PKCS12Tests::test_export_without_args
+. tests/test_crypto.py::PKCS12Tests::test_export_without_bytes
+. tests/test_crypto.py::PKCS12Tests::test_export_without_mac
+. tests/test_crypto.py::PKCS12Tests::test_friendly_name
+. tests/test_crypto.py::PKCS12Tests::test_key_cert_mismatch
+. tests/test_crypto.py::PKCS12Tests::test_key_only
+. tests/test_crypto.py::PKCS12Tests::test_load_pkcs12
+. tests/test_crypto.py::PKCS12Tests::test_load_pkcs12_empty_passphrase_load_empty
+. tests/test_crypto.py::PKCS12Tests::test_load_pkcs12_empty_passphrase_load_null
+. tests/test_crypto.py::PKCS12Tests::test_load_pkcs12_garbage
+. tests/test_crypto.py::PKCS12Tests::test_load_pkcs12_no_passphrase
+. tests/test_crypto.py::PKCS12Tests::test_load_pkcs12_null_passphrase_load_empty
+. tests/test_crypto.py::PKCS12Tests::test_load_pkcs12_null_passphrase_load_null
+. tests/test_crypto.py::PKCS12Tests::test_load_pkcs12_text_passphrase
+. tests/test_crypto.py::PKCS12Tests::test_load_without_mac
+. tests/test_crypto.py::PKCS12Tests::test_removing_ca_cert
+. tests/test_crypto.py::PKCS12Tests::test_replace
+. tests/test_crypto.py::PKCS12Tests::test_type
+. tests/test_crypto.py::PKCS12Tests::test_type_errors
+. tests/test_crypto.py::PKCS12Tests::test_various_empty_passphrases
+. tests/test_crypto.py::PKCS12Tests::test_zero_len_list_for_ca
+. tests/test_crypto.py::TestLoadPublicKey::()::test_loading_works
+. tests/test_crypto.py::TestLoadPublicKey::()::test_invalid_type
+. tests/test_crypto.py::TestLoadPublicKey::()::test_invalid_key_format
+. tests/test_crypto.py::TestLoadPublicKey::()::test_tolerates_unicode_strings
+F tests/test_crypto.py::FunctionTests::test_dump_certificate
+ self = <tests.test_crypto.FunctionTests testMethod=test_dump_certificate>
+
+ def test_dump_certificate(self):
+ """
+ :py:obj:`dump_certificate` writes PEM, DER, and text.
+ """
+ pemData = cleartextCertificatePEM + cleartextPrivateKeyPEM
+ cert = load_certificate(FILETYPE_PEM, pemData)
+ dumped_pem = dump_certificate(FILETYPE_PEM, cert)
+ self.assertEqual(dumped_pem, cleartextCertificatePEM)
+ dumped_der = dump_certificate(FILETYPE_ASN1, cert)
+ good_der = _runopenssl(dumped_pem, b"x509", b"-outform", b"DER")
+ self.assertEqual(dumped_der, good_der)
+ cert2 = load_certificate(FILETYPE_ASN1, dumped_der)
+ dumped_pem2 = dump_certificate(FILETYPE_PEM, cert2)
+ self.assertEqual(dumped_pem2, cleartextCertificatePEM)
+ dumped_text = dump_certificate(FILETYPE_TEXT, cert)
+ good_text = _runopenssl(
+ dumped_pem, b"x509", b"-noout", b"-text", b"-nameopt", b"")
+ > self.assertEqual(dumped_text, good_text)
+ E AssertionError: 'Certificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 3d:0c:c4:e0:c6:de:b9:f4\n Signature Algorithm: sha1WithRSAEncryption\n Issuer: C=US, ST=IL, L=Chicago, O=Testing, CN=Testing Root CA\n Validity\n Not Before: Mar 25 12:36:58 2009 GMT\n Not After : Jun 11 12:36:58 2017 GMT\n Subject: C=US, ST=IL, L=Chicago, O=Testing, CN=Testing Root CA\n Subject Public Key Info:\n Public Key Algorithm: rsaEncryption\n Public-Key: (1024 bit)\n Modulus:\n 00:f9:9a:42:e9:8b:ba:ba:44:e7:6e:ee:48:41:dd:\n 2f:5a:6a:70:34:66:5b:3b:be:f7:c6:3a:60:7c:d3:\n fc:9e:ca:58:46:a6:c8:c0:8d:67:a7:d1:5b:52:42:\n 47:bf:36:51:0f:1a:d3:b7:f2:db:15:ec:2b:2e:16:\n 74:a6:b1:c8:6f:02:71:ab:70:99:7b:e9:bd:14:38:\n e1:d4:80:34:c8:a1:1c:42:e9:00:d4:dd:c9:5a:7a:\n 0c:2c:ac:10:3e:b0:91:01:6e:ac:79:45:d5:db:21:\n 11:a2:70:f1:bf:f2:a4:38:66:6d:52:28:e8:28:b5:\n c6:f0:89:aa:2b:db:2c:59:db\n Exponent: 65537 (0x10001)\n X509v3 extensions:\n X509v3 Subject Key Identifier: \n 83:55:77:2D:5E:21:F1:49:0C:09:24:E7:54:09:12:8D:C8:7E:04:AE\n X509v3 Authority Key Identifier: \n keyid:83:55:77:2D:5E:21:F1:49:0C:09:24:E7:54:09:12:8D:C8:7E:04:AE\n DirName:/C=US/ST=IL/L=Chicago/O=Testing/CN=Testing Root CA\n serial:3D:0C:C4:E0:C6:DE:B9:F4\n\n X509v3 Basic Constraints: \n CA:TRUE\n Signature Algorithm: sha1WithRSAEncryption\n 61:82:0d:ac:cc:24:6a:16:34:1a:5c:d3:7b:ba:fa:c9:9c:f7:\n 97:44:79:a7:76:2a:56:57:04:04:ce:74:54:f5:55:eb:18:df:\n e9:d4:3a:a6:61:12:14:c6:94:33:22:86:48:1a:66:7c:e8:22:\n af:d4:6a:68:9d:7a:09:38:86:2a:ec:09:3f:d1:fb:ab:ec:28:\n 00:31:35:37:01:8d:47:99:8e:5c:a4:08:95:b2:e6:88:d2:84:\n 67:ed:5c:82:98:c3:f9:e3:55:b2:8c:5e:bb:dc:f3:7a:a6:4d:\n d1:a5:dd:30:0c:d1:fc:50:22:9a:a0:72:09:45:2e:f7:84:06:\n 0c:e7\n' != 'Certificate:\n Data:\n Version: 3 (0x2)\n Serial Number: 4399107405722335732 (0x3d0cc4e0c6deb9f4)\n Signature Algorithm: sha1WithRSAEncryption\n Issuer: C=US, ST=IL, L=Chicago, O=Testing, CN=Testing Root CA\n Validity\n Not Before: Mar 25 12:36:58 2009 GMT\n Not After : Jun 11 12:36:58 2017 GMT\n Subject: C=US, ST=IL, L=Chicago, O=Testing, CN=Testing Root CA\n Subject Public Key Info:\n Public Key Algorithm: rsaEncryption\n Public-Key: (1024 bit)\n Modulus:\n 00:f9:9a:42:e9:8b:ba:ba:44:e7:6e:ee:48:41:dd:\n 2f:5a:6a:70:34:66:5b:3b:be:f7:c6:3a:60:7c:d3:\n fc:9e:ca:58:46:a6:c8:c0:8d:67:a7:d1:5b:52:42:\n 47:bf:36:51:0f:1a:d3:b7:f2:db:15:ec:2b:2e:16:\n 74:a6:b1:c8:6f:02:71:ab:70:99:7b:e9:bd:14:38:\n e1:d4:80:34:c8:a1:1c:42:e9:00:d4:dd:c9:5a:7a:\n 0c:2c:ac:10:3e:b0:91:01:6e:ac:79:45:d5:db:21:\n 11:a2:70:f1:bf:f2:a4:38:66:6d:52:28:e8:28:b5:\n c6:f0:89:aa:2b:db:2c:59:db\n Exponent: 65537 (0x10001)\n X509v3 extensions:\n X509v3 Subject Key Identifier: \n 83:55:77:2D:5E:21:F1:49:0C:09:24:E7:54:09:12:8D:C8:7E:04:AE\n X509v3 Authority Key Identifier: \n keyid:83:55:77:2D:5E:21:F1:49:0C:09:24:E7:54:09:12:8D:C8:7E:04:AE\n DirName:/C=US/ST=IL/L=Chicago/O=Testing/CN=Testing Root CA\n serial:3D:0C:C4:E0:C6:DE:B9:F4\n\n X509v3 Basic Constraints: \n CA:TRUE\n Signature Algorithm: sha1WithRSAEncryption\n 61:82:0d:ac:cc:24:6a:16:34:1a:5c:d3:7b:ba:fa:c9:9c:f7:\n 97:44:79:a7:76:2a:56:57:04:04:ce:74:54:f5:55:eb:18:df:\n e9:d4:3a:a6:61:12:14:c6:94:33:22:86:48:1a:66:7c:e8:22:\n af:d4:6a:68:9d:7a:09:38:86:2a:ec:09:3f:d1:fb:ab:ec:28:\n 00:31:35:37:01:8d:47:99:8e:5c:a4:08:95:b2:e6:88:d2:84:\n 67:ed:5c:82:98:c3:f9:e3:55:b2:8c:5e:bb:dc:f3:7a:a6:4d:\n d1:a5:dd:30:0c:d1:fc:50:22:9a:a0:72:09:45:2e:f7:84:06:\n 0c:e7\n'
+
+ tests/test_crypto.py:2781: AssertionError
+. tests/test_crypto.py::FunctionTests::test_dump_certificate_bad_type
+. tests/test_crypto.py::FunctionTests::test_dump_certificate_request
+. tests/test_crypto.py::FunctionTests::test_dump_privatekey_asn1
+. tests/test_crypto.py::FunctionTests::test_dump_privatekey_invalid_filetype
+. tests/test_crypto.py::FunctionTests::test_dump_privatekey_invalid_passphrase_type
+. tests/test_crypto.py::FunctionTests::test_dump_privatekey_passphrase
+. tests/test_crypto.py::FunctionTests::test_dump_privatekey_passphraseCallback
+. tests/test_crypto.py::FunctionTests::test_dump_privatekey_passphraseCallbackLength
+. tests/test_crypto.py::FunctionTests::test_dump_privatekey_passphraseWrongType
+. tests/test_crypto.py::FunctionTests::test_dump_privatekey_passphrase_exception
+. tests/test_crypto.py::FunctionTests::test_dump_privatekey_pem
+. tests/test_crypto.py::FunctionTests::test_dump_privatekey_text
+. tests/test_crypto.py::FunctionTests::test_dump_privatekey_unknown_cipher
+. tests/test_crypto.py::FunctionTests::test_dump_privatekey_wrong_args
+. tests/test_crypto.py::FunctionTests::test_dump_publickey_asn1
+. tests/test_crypto.py::FunctionTests::test_dump_publickey_invalid_type
+. tests/test_crypto.py::FunctionTests::test_dump_publickey_pem
+. tests/test_crypto.py::FunctionTests::test_load_pkcs7_data_asn1
+. tests/test_crypto.py::FunctionTests::test_load_pkcs7_data_invalid
+. tests/test_crypto.py::FunctionTests::test_load_pkcs7_data_pem
+. tests/test_crypto.py::FunctionTests::test_load_pkcs7_type_invalid
+. tests/test_crypto.py::FunctionTests::test_load_privatekey_invalid_format
+. tests/test_crypto.py::FunctionTests::test_load_privatekey_invalid_passphrase_type
+. tests/test_crypto.py::FunctionTests::test_load_privatekey_passphrase
+. tests/test_crypto.py::FunctionTests::test_load_privatekey_passphraseCallback
+. tests/test_crypto.py::FunctionTests::test_load_privatekey_passphraseCallbackLength
+. tests/test_crypto.py::FunctionTests::test_load_privatekey_passphraseWrongType
+. tests/test_crypto.py::FunctionTests::test_load_privatekey_passphrase_exception
+. tests/test_crypto.py::FunctionTests::test_load_privatekey_passphrase_wrong_return_type
+. tests/test_crypto.py::FunctionTests::test_load_privatekey_wrongPassphrase
+. tests/test_crypto.py::FunctionTests::test_load_privatekey_wrongPassphraseCallback
+. tests/test_crypto.py::FunctionTests::test_load_privatekey_wrong_args
+. tests/test_crypto.py::LoadCertificateTests::test_badFileType
+. tests/test_crypto.py::LoadCertificateTests::test_bad_certificate
+. tests/test_crypto.py::PKCS7Tests::test_attribute
+. tests/test_crypto.py::PKCS7Tests::test_get_type_name
+. tests/test_crypto.py::PKCS7Tests::test_get_type_name_wrong_args
+. tests/test_crypto.py::PKCS7Tests::test_type
+. tests/test_crypto.py::PKCS7Tests::test_type_is_data
+. tests/test_crypto.py::PKCS7Tests::test_type_is_data_wrong_args
+. tests/test_crypto.py::PKCS7Tests::test_type_is_enveloped
+. tests/test_crypto.py::PKCS7Tests::test_type_is_enveloped_wrong_args
+. tests/test_crypto.py::PKCS7Tests::test_type_is_signed
+. tests/test_crypto.py::PKCS7Tests::test_type_is_signedAndEnveloped
+. tests/test_crypto.py::PKCS7Tests::test_type_is_signedAndEnveloped_wrong_args
+. tests/test_crypto.py::PKCS7Tests::test_type_is_signed_wrong_args
+. tests/test_crypto.py::NetscapeSPKITests::test_b64_encode
+. tests/test_crypto.py::NetscapeSPKITests::test_construction
+. tests/test_crypto.py::NetscapeSPKITests::test_invalid_attribute
+. tests/test_crypto.py::NetscapeSPKITests::test_sign
+. tests/test_crypto.py::NetscapeSPKITests::test_signWithPublicKey
+. tests/test_crypto.py::NetscapeSPKITests::test_signWithUngenerated
+. tests/test_crypto.py::NetscapeSPKITests::test_signWithUnknownDigest
+. tests/test_crypto.py::NetscapeSPKITests::test_type
+. tests/test_crypto.py::TestRevoked::()::test_ignores_unsupported_revoked_cert_extension_get_reason
+. tests/test_crypto.py::TestRevoked::()::test_ignores_unsupported_revoked_cert_extension_set_new_reason
+. tests/test_crypto.py::RevokedTests::test_construction
+. tests/test_crypto.py::RevokedTests::test_construction_wrong_args
+. tests/test_crypto.py::RevokedTests::test_date
+. tests/test_crypto.py::RevokedTests::test_get_reason_wrong_arguments
+. tests/test_crypto.py::RevokedTests::test_reason
+. tests/test_crypto.py::RevokedTests::test_serial
+. tests/test_crypto.py::RevokedTests::test_set_reason_wrong_arguments
+. tests/test_crypto.py::CRLTests::test_add_revoked_keyword
+. tests/test_crypto.py::CRLTests::test_add_revoked_wrong_args
+. tests/test_crypto.py::CRLTests::test_construction
+. tests/test_crypto.py::CRLTests::test_construction_wrong_args
+. tests/test_crypto.py::CRLTests::test_dump_crl
+. tests/test_crypto.py::CRLTests::test_export_custom_digest
+. tests/test_crypto.py::CRLTests::test_export_default_digest
+. tests/test_crypto.py::CRLTests::test_export_der
+. tests/test_crypto.py::CRLTests::test_export_invalid
+. tests/test_crypto.py::CRLTests::test_export_md5_digest
+. tests/test_crypto.py::CRLTests::test_export_pem
+. tests/test_crypto.py::CRLTests::test_export_text
+. tests/test_crypto.py::CRLTests::test_export_unknown_digest
+. tests/test_crypto.py::CRLTests::test_export_unknown_filetype
+. tests/test_crypto.py::CRLTests::test_export_wrong_args
+. tests/test_crypto.py::CRLTests::test_get_issuer
+. tests/test_crypto.py::CRLTests::test_get_revoked
+. tests/test_crypto.py::CRLTests::test_get_revoked_wrong_args
+. tests/test_crypto.py::CRLTests::test_load_crl
+. tests/test_crypto.py::CRLTests::test_load_crl_bad_data
+. tests/test_crypto.py::CRLTests::test_load_crl_bad_filetype
+. tests/test_crypto.py::CRLTests::test_load_crl_wrong_args
+. tests/test_crypto.py::CRLTests::test_verify_with_missing_crl
+. tests/test_crypto.py::CRLTests::test_verify_with_revoked
+. tests/test_crypto.py::X509StoreContextTests::test_invalid_chain_no_intermediate
+. tests/test_crypto.py::X509StoreContextTests::test_invalid_chain_no_root
+. tests/test_crypto.py::X509StoreContextTests::test_modification_pre_verify
+. tests/test_crypto.py::X509StoreContextTests::test_reuse
+. tests/test_crypto.py::X509StoreContextTests::test_trusted_self_signed
+. tests/test_crypto.py::X509StoreContextTests::test_untrusted_self_signed
+. tests/test_crypto.py::X509StoreContextTests::test_valid
+. tests/test_crypto.py::SignVerifyTests::test_sign_nulls
+. tests/test_crypto.py::SignVerifyTests::test_sign_verify
+. tests/test_crypto.py::SignVerifyTests::test_sign_verify_with_text
+. tests/test_crypto.py::SignVerifyTests::test_sign_with_large_key
+. tests/test_crypto.py::EllipticCurveTests::test_a_curve
+. tests/test_crypto.py::EllipticCurveTests::test_not_a_curve
+. tests/test_crypto.py::EllipticCurveTests::test_repr
+. tests/test_crypto.py::EllipticCurveTests::test_set
+. tests/test_crypto.py::EllipticCurveTests::test_some_curves
+. tests/test_crypto.py::EllipticCurveTests::test_to_EC_KEY
+. tests/test_crypto.py::EllipticCurveEqualityTests::test_anotherTypeEq
+. tests/test_crypto.py::EllipticCurveEqualityTests::test_anotherTypeNe
+. tests/test_crypto.py::EllipticCurveEqualityTests::test_delegateNe
+. tests/test_crypto.py::EllipticCurveEqualityTests::test_delegatedEq
+. tests/test_crypto.py::EllipticCurveEqualityTests::test_differentEq
+. tests/test_crypto.py::EllipticCurveEqualityTests::test_differentNe
+. tests/test_crypto.py::EllipticCurveEqualityTests::test_identicalEq
+. tests/test_crypto.py::EllipticCurveEqualityTests::test_identicalNe
+. tests/test_crypto.py::EllipticCurveEqualityTests::test_sameEq
+. tests/test_crypto.py::EllipticCurveEqualityTests::test_sameNe
+. tests/test_crypto.py::EllipticCurveHashTests::test_contains
+. tests/test_crypto.py::EllipticCurveHashTests::test_does_not_contain
+. tests/test_rand.py::pep8
+. tests/test_rand.py::pyflakes
+. tests/test_rand.py::RandTests::test_add
+. tests/test_rand.py::RandTests::test_add_wrong_args
+. tests/test_rand.py::RandTests::test_bytes
+. tests/test_rand.py::RandTests::test_bytes_paths
+. tests/test_rand.py::RandTests::test_bytes_wrong_args
+. tests/test_rand.py::RandTests::test_cleanup
+. tests/test_rand.py::RandTests::test_cleanup_wrong_args
+. tests/test_rand.py::RandTests::test_egd_warning
+. tests/test_rand.py::RandTests::test_egd_wrong_args
+. tests/test_rand.py::RandTests::test_insufficientMemory
+. tests/test_rand.py::RandTests::test_load_file_wrong_args
+. tests/test_rand.py::RandTests::test_seed
+. tests/test_rand.py::RandTests::test_seed_wrong_args
+. tests/test_rand.py::RandTests::test_status
+. tests/test_rand.py::RandTests::test_status_wrong_args
+. tests/test_rand.py::RandTests::test_unicode_paths
+. tests/test_rand.py::RandTests::test_write_file_wrong_args
+. tests/test_ssl.py::pep8
+. tests/test_ssl.py::pyflakes
+. tests/test_ssl.py::VersionTests::test_OPENSSL_VERSION_NUMBER
+. tests/test_ssl.py::VersionTests::test_SSLeay_version
+. tests/test_ssl.py::TestContext::()::test_set_cipher_list[0hello world:AES128-SHA]
+. tests/test_ssl.py::TestContext::()::test_set_cipher_list[1hello world:AES128-SHA]
+. tests/test_ssl.py::TestContext::()::test_set_cipher_list_wrong_args[cipher_list0-TypeError]
+. tests/test_ssl.py::TestContext::()::test_set_cipher_list_wrong_args[imaginary-cipher-Error]
+. tests/test_ssl.py::TestContext::()::test_load_client_ca
+. tests/test_ssl.py::TestContext::()::test_load_client_ca_invalid
+. tests/test_ssl.py::TestContext::()::test_load_client_ca_unicode
+. tests/test_ssl.py::TestContext::()::test_set_session_id
+. tests/test_ssl.py::TestContext::()::test_set_session_id_fail
+. tests/test_ssl.py::TestContext::()::test_set_session_id_unicode
+. tests/test_ssl.py::ContextTests::test_add_extra_chain_cert
+. tests/test_ssl.py::ContextTests::test_add_extra_chain_cert_invalid_cert
+. tests/test_ssl.py::ContextTests::test_app_data
+. tests/test_ssl.py::ContextTests::test_check_privatekey_invalid
+. tests/test_ssl.py::ContextTests::test_check_privatekey_valid
+. tests/test_ssl.py::ContextTests::test_check_privatekey_wrong_args
+. tests/test_ssl.py::ContextTests::test_get_app_data_wrong_args
+. tests/test_ssl.py::ContextTests::test_get_cert_store
+. tests/test_ssl.py::ContextTests::test_get_session_cache_mode_wrong_args
+. tests/test_ssl.py::ContextTests::test_get_timeout_wrong_args
+. tests/test_ssl.py::ContextTests::test_get_verify_depth_wrong_args
+. tests/test_ssl.py::ContextTests::test_get_verify_mode_wrong_args
+. tests/test_ssl.py::ContextTests::test_load_tmp_dh_bytes
+. tests/test_ssl.py::ContextTests::test_load_tmp_dh_missing_file
+. tests/test_ssl.py::ContextTests::test_load_tmp_dh_unicode
+. tests/test_ssl.py::ContextTests::test_load_tmp_dh_wrong_args
+. tests/test_ssl.py::ContextTests::test_load_verify_bytes_cafile
+. tests/test_ssl.py::ContextTests::test_load_verify_directory_bytes_capath
+. tests/test_ssl.py::ContextTests::test_load_verify_directory_unicode_capath
+. tests/test_ssl.py::ContextTests::test_load_verify_invalid_file
+. tests/test_ssl.py::ContextTests::test_load_verify_locations_wrong_args
+. tests/test_ssl.py::ContextTests::test_load_verify_unicode_cafile
+. tests/test_ssl.py::ContextTests::test_method
+. tests/test_ssl.py::ContextTests::test_method_long
+. tests/test_ssl.py::ContextTests::test_passwd_callback_exception
+. tests/test_ssl.py::ContextTests::test_passwd_callback_false
+. tests/test_ssl.py::ContextTests::test_passwd_callback_non_string
+. tests/test_ssl.py::ContextTests::test_passwd_callback_too_long
+. tests/test_ssl.py::ContextTests::test_session_cache_mode
+. tests/test_ssl.py::ContextTests::test_session_cache_mode_long
+. tests/test_ssl.py::ContextTests::test_set_app_data_wrong_args
+s tests/test_ssl.py::ContextTests::test_set_default_verify_paths
+ Skipped: This test doesn't work within OWAN, even with proxy set
+. tests/test_ssl.py::ContextTests::test_set_default_verify_paths_signature
+. tests/test_ssl.py::ContextTests::test_set_info_callback
+. tests/test_ssl.py::ContextTests::test_set_mode
+. tests/test_ssl.py::ContextTests::test_set_mode_long
+. tests/test_ssl.py::ContextTests::test_set_mode_wrong_args
+. tests/test_ssl.py::ContextTests::test_set_options
+. tests/test_ssl.py::ContextTests::test_set_options_long
+. tests/test_ssl.py::ContextTests::test_set_options_wrong_args
+. tests/test_ssl.py::ContextTests::test_set_passwd_cb
+. tests/test_ssl.py::ContextTests::test_set_passwd_cb_wrong_args
+. tests/test_ssl.py::ContextTests::test_set_session_cache_mode_wrong_args
+. tests/test_ssl.py::ContextTests::test_set_timeout_wrong_args
+. tests/test_ssl.py::ContextTests::test_set_tmp_ecdh
+. tests/test_ssl.py::ContextTests::test_set_verify_callback_connection_argument
+. tests/test_ssl.py::ContextTests::test_set_verify_callback_exception
+. tests/test_ssl.py::ContextTests::test_set_verify_depth_wrong_args
+. tests/test_ssl.py::ContextTests::test_set_verify_mode
+. tests/test_ssl.py::ContextTests::test_set_verify_mode_long
+. tests/test_ssl.py::ContextTests::test_timeout
+. tests/test_ssl.py::ContextTests::test_timeout_long
+. tests/test_ssl.py::ContextTests::test_type
+. tests/test_ssl.py::ContextTests::test_use_certificate
+. tests/test_ssl.py::ContextTests::test_use_certificate_chain_file_bytes
+. tests/test_ssl.py::ContextTests::test_use_certificate_chain_file_unicode
+. tests/test_ssl.py::ContextTests::test_use_certificate_chain_file_wrong_args
+. tests/test_ssl.py::ContextTests::test_use_certificate_file_bytes
+. tests/test_ssl.py::ContextTests::test_use_certificate_file_long
+. tests/test_ssl.py::ContextTests::test_use_certificate_file_missing
+. tests/test_ssl.py::ContextTests::test_use_certificate_file_unicode
+. tests/test_ssl.py::ContextTests::test_use_certificate_file_wrong_args
+. tests/test_ssl.py::ContextTests::test_use_certificate_uninitialized
+. tests/test_ssl.py::ContextTests::test_use_certificate_wrong_args
+. tests/test_ssl.py::ContextTests::test_use_privatekey
+. tests/test_ssl.py::ContextTests::test_use_privatekey_file_bytes
+. tests/test_ssl.py::ContextTests::test_use_privatekey_file_long
+. tests/test_ssl.py::ContextTests::test_use_privatekey_file_missing
+. tests/test_ssl.py::ContextTests::test_use_privatekey_file_unicode
+. tests/test_ssl.py::ContextTests::test_verify_depth
+. tests/test_ssl.py::ContextTests::test_verify_depth_long
+. tests/test_ssl.py::ServerNameCallbackTests::test_no_servername
+. tests/test_ssl.py::ServerNameCallbackTests::test_old_callback_forgotten
+. tests/test_ssl.py::ServerNameCallbackTests::test_servername
+. tests/test_ssl.py::ServerNameCallbackTests::test_wrong_args
+. tests/test_ssl.py::NextProtoNegotiationTests::test_npn_advertise_error
+. tests/test_ssl.py::NextProtoNegotiationTests::test_npn_client_fail
+. tests/test_ssl.py::NextProtoNegotiationTests::test_npn_select_error
+. tests/test_ssl.py::NextProtoNegotiationTests::test_npn_success
+. tests/test_ssl.py::ApplicationLayerProtoNegotiationTests::test_alpn_callback_exception
+. tests/test_ssl.py::ApplicationLayerProtoNegotiationTests::test_alpn_no_server
+. tests/test_ssl.py::ApplicationLayerProtoNegotiationTests::test_alpn_server_fail
+. tests/test_ssl.py::ApplicationLayerProtoNegotiationTests::test_alpn_set_on_connection
+. tests/test_ssl.py::ApplicationLayerProtoNegotiationTests::test_alpn_success
+. tests/test_ssl.py::SessionTests::test_construction
+. tests/test_ssl.py::SessionTests::test_construction_wrong_args
+. tests/test_ssl.py::ConnectionTests::test_accept
+. tests/test_ssl.py::ConnectionTests::test_accept_wrong_args
+. tests/test_ssl.py::ConnectionTests::test_app_data
+. tests/test_ssl.py::ConnectionTests::test_app_data_wrong_args
+. tests/test_ssl.py::ConnectionTests::test_client_get_session
+. tests/test_ssl.py::ConnectionTests::test_client_set_session
+. tests/test_ssl.py::ConnectionTests::test_connect
+. tests/test_ssl.py::ConnectionTests::test_connect_ex
+. tests/test_ssl.py::ConnectionTests::test_connect_refused
+. tests/test_ssl.py::ConnectionTests::test_connect_wrong_args
+. tests/test_ssl.py::ConnectionTests::test_connection_undefined_attr
+. tests/test_ssl.py::ConnectionTests::test_get_cipher_bits
+. tests/test_ssl.py::ConnectionTests::test_get_cipher_bits_before_connect
+. tests/test_ssl.py::ConnectionTests::test_get_cipher_name
+. tests/test_ssl.py::ConnectionTests::test_get_cipher_name_before_connect
+. tests/test_ssl.py::ConnectionTests::test_get_cipher_version
+. tests/test_ssl.py::ConnectionTests::test_get_cipher_version_before_connect
+. tests/test_ssl.py::ConnectionTests::test_get_context
+. tests/test_ssl.py::ConnectionTests::test_get_context_wrong_args
+. tests/test_ssl.py::ConnectionTests::test_get_finished
+. tests/test_ssl.py::ConnectionTests::test_get_finished_before_connect
+. tests/test_ssl.py::ConnectionTests::test_get_peer_cert_chain
+. tests/test_ssl.py::ConnectionTests::test_get_peer_cert_chain_none
+. tests/test_ssl.py::ConnectionTests::test_get_peer_cert_chain_wrong_args
+. tests/test_ssl.py::ConnectionTests::test_get_peer_finished
+. tests/test_ssl.py::ConnectionTests::test_get_peer_finished_before_connect
+. tests/test_ssl.py::ConnectionTests::test_get_protocol_version
+. tests/test_ssl.py::ConnectionTests::test_get_protocol_version_name
+. tests/test_ssl.py::ConnectionTests::test_get_servername_wrong_args
+. tests/test_ssl.py::ConnectionTests::test_get_session_unconnected
+. tests/test_ssl.py::ConnectionTests::test_get_session_wrong_args
+. tests/test_ssl.py::ConnectionTests::test_makefile
+. tests/test_ssl.py::ConnectionTests::test_peek
+. tests/test_ssl.py::ConnectionTests::test_pending
+. tests/test_ssl.py::ConnectionTests::test_pending_wrong_args
+. tests/test_ssl.py::ConnectionTests::test_server_get_session
+. tests/test_ssl.py::ConnectionTests::test_set_context
+. tests/test_ssl.py::ConnectionTests::test_set_context_wrong_args
+. tests/test_ssl.py::ConnectionTests::test_set_session_wrong_args
+F tests/test_ssl.py::ConnectionTests::test_set_session_wrong_method
+ self = <tests.test_ssl.ConnectionTests testMethod=test_set_session_wrong_method>
+
+ def test_set_session_wrong_method(self):
+ """
+ If :py:obj:`Connection.set_session` is passed a :py:class:`Session`
+ instance associated with a context using a different SSL method than
+ the :py:obj:`Connection` is using, a :py:class:`OpenSSL.SSL.Error` is
+ raised.
+ """
+ # Make this work on both OpenSSL 1.0.0, which doesn't support TLSv1.2
+ # and also on OpenSSL 1.1.0 which doesn't support SSLv3. (SSL_ST_INIT
+ # is a way to check for 1.1.0)
+ if SSL_ST_INIT is not None:
+ v1 = TLSv1_METHOD
+ v2 = SSLv3_METHOD
+ else:
+ v1 = TLSv1_2_METHOD
+ v2 = TLSv1_METHOD
+
+ key = load_privatekey(FILETYPE_PEM, server_key_pem)
+ cert = load_certificate(FILETYPE_PEM, server_cert_pem)
+ ctx = Context(v1)
+ ctx.use_privatekey(key)
+ ctx.use_certificate(cert)
+ ctx.set_session_id("unity-test")
+
+ def makeServer(socket):
+ server = Connection(ctx, socket)
+ server.set_accept_state()
+ return server
+
+ def makeOriginalClient(socket):
+ client = Connection(Context(v1), socket)
+ client.set_connect_state()
+ return client
+
+ originalServer, originalClient = self._loopback(
+ serverFactory=makeServer, clientFactory=makeOriginalClient)
+ originalSession = originalClient.get_session()
+
+ def makeClient(socket):
+ # Intentionally use a different, incompatible method here.
+ client = Connection(Context(v2), socket)
+ client.set_connect_state()
+ client.set_session(originalSession)
+ return client
+
+ self.assertRaises(
+ Error,
+ > self._loopback, clientFactory=makeClient, serverFactory=makeServer)
+
+ tests/test_ssl.py:2689:
+ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
+ tests/util.py:283: in failUnlessRaises
+ f(*args, **kwargs)
+ tests/test_ssl.py:251: in _loopback
+ client = clientFactory(client)
+ tests/test_ssl.py:2682: in makeClient
+ client = Connection(Context(v2), socket)
+ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
+
+ self = <OpenSSL.SSL.Context object at 0xf19d5bcc>, method = 2
+
+ def __init__(self, method):
+ """
+ :param method: One of SSLv2_METHOD, SSLv3_METHOD, SSLv23_METHOD, or
+ TLSv1_METHOD.
+ """
+ if not isinstance(method, integer_types):
+ raise TypeError("method must be an integer")
+
+ try:
+ method_func = self._methods[method]
+ except KeyError:
+ > raise ValueError("No such protocol")
+ E ValueError: No such protocol
+
+ ../prototype/i386/usr/lib/python2.7/vendor-packages/OpenSSL/SSL.py:468: ValueError
+. tests/test_ssl.py::ConnectionTests::test_set_shutdown
+. tests/test_ssl.py::ConnectionTests::test_set_shutdown_long
+. tests/test_ssl.py::ConnectionTests::test_set_tlsext_host_name_wrong_args
+. tests/test_ssl.py::ConnectionTests::test_shutdown
+. tests/test_ssl.py::ConnectionTests::test_shutdown_closed
+. tests/test_ssl.py::ConnectionTests::test_shutdown_truncated
+. tests/test_ssl.py::ConnectionTests::test_shutdown_wrong_args
+. tests/test_ssl.py::ConnectionTests::test_state_string
+. tests/test_ssl.py::ConnectionTests::test_tls_finished_message_symmetry
+. tests/test_ssl.py::ConnectionTests::test_type
+. tests/test_ssl.py::ConnectionTests::test_wantWriteError
+. tests/test_ssl.py::ConnectionGetCipherListTests::test_result
+. tests/test_ssl.py::ConnectionGetCipherListTests::test_wrong_args
+. tests/test_ssl.py::ConnectionSendTests::test_short_buffer
+. tests/test_ssl.py::ConnectionSendTests::test_short_bytes
+. tests/test_ssl.py::ConnectionSendTests::test_short_memoryview
+. tests/test_ssl.py::ConnectionSendTests::test_text
+. tests/test_ssl.py::ConnectionSendTests::test_wrong_args
+. tests/test_ssl.py::ConnectionRecvIntoTests::test_bytearray_doesnt_overfill
+. tests/test_ssl.py::ConnectionRecvIntoTests::test_bytearray_no_length
+. tests/test_ssl.py::ConnectionRecvIntoTests::test_bytearray_really_doesnt_overfill
+. tests/test_ssl.py::ConnectionRecvIntoTests::test_bytearray_respects_length
+. tests/test_ssl.py::ConnectionRecvIntoTests::test_memoryview_doesnt_overfill
+. tests/test_ssl.py::ConnectionRecvIntoTests::test_memoryview_no_length
+. tests/test_ssl.py::ConnectionRecvIntoTests::test_memoryview_really_doesnt_overfill
+. tests/test_ssl.py::ConnectionRecvIntoTests::test_memoryview_respects_length
+. tests/test_ssl.py::ConnectionRecvIntoTests::test_peek
+. tests/test_ssl.py::ConnectionSendallTests::test_closed
+. tests/test_ssl.py::ConnectionSendallTests::test_long
+. tests/test_ssl.py::ConnectionSendallTests::test_short
+. tests/test_ssl.py::ConnectionSendallTests::test_short_buffers
+. tests/test_ssl.py::ConnectionSendallTests::test_short_memoryview
+. tests/test_ssl.py::ConnectionSendallTests::test_text
+. tests/test_ssl.py::ConnectionSendallTests::test_wrong_args
+. tests/test_ssl.py::ConnectionRenegotiateTests::test_renegotiate
+. tests/test_ssl.py::ConnectionRenegotiateTests::test_renegotiate_wrong_args
+. tests/test_ssl.py::ConnectionRenegotiateTests::test_total_renegotiations
+. tests/test_ssl.py::ConnectionRenegotiateTests::test_total_renegotiations_wrong_args
+. tests/test_ssl.py::ErrorTests::test_type
+. tests/test_ssl.py::ConstantsTests::test_op_cookie_exchange
+. tests/test_ssl.py::ConstantsTests::test_op_no_compression
+. tests/test_ssl.py::ConstantsTests::test_op_no_query_mtu
+. tests/test_ssl.py::ConstantsTests::test_op_no_ticket
+. tests/test_ssl.py::ConstantsTests::test_sess_cache_both
+. tests/test_ssl.py::ConstantsTests::test_sess_cache_client
+. tests/test_ssl.py::ConstantsTests::test_sess_cache_no_auto_clear
+. tests/test_ssl.py::ConstantsTests::test_sess_cache_no_internal
+. tests/test_ssl.py::ConstantsTests::test_sess_cache_no_internal_lookup
+. tests/test_ssl.py::ConstantsTests::test_sess_cache_no_internal_store
+. tests/test_ssl.py::ConstantsTests::test_sess_cache_off
+. tests/test_ssl.py::ConstantsTests::test_sess_cache_server
+. tests/test_ssl.py::MemoryBIOTests::test_add_client_ca_errors
+. tests/test_ssl.py::MemoryBIOTests::test_memoryConnect
+. tests/test_ssl.py::MemoryBIOTests::test_multiple_add_client_ca
+. tests/test_ssl.py::MemoryBIOTests::test_mutated_ca_list
+. tests/test_ssl.py::MemoryBIOTests::test_one_add_client_ca
+. tests/test_ssl.py::MemoryBIOTests::test_outgoingOverflow
+. tests/test_ssl.py::MemoryBIOTests::test_reset_ca_list
+. tests/test_ssl.py::MemoryBIOTests::test_set_after_add_client_ca
+. tests/test_ssl.py::MemoryBIOTests::test_set_and_add_client_ca
+. tests/test_ssl.py::MemoryBIOTests::test_set_client_ca_list_errors
+. tests/test_ssl.py::MemoryBIOTests::test_set_empty_ca_list
+. tests/test_ssl.py::MemoryBIOTests::test_set_multiple_ca_list
+. tests/test_ssl.py::MemoryBIOTests::test_set_one_ca_list
+. tests/test_ssl.py::MemoryBIOTests::test_shutdown
+. tests/test_ssl.py::MemoryBIOTests::test_socketConnect
+. tests/test_ssl.py::MemoryBIOTests::test_socketOverridesMemory
+. tests/test_ssl.py::MemoryBIOTests::test_unexpectedEndOfFile
+. tests/test_ssl.py::ConnectionBIOTests::test_buffer_size
+. tests/test_ssl.py::ConnectionBIOTests::test_buffer_size_long
+. tests/test_ssl.py::ConnectionBIOTests::test_wantReadError
+. tests/test_ssl.py::InfoConstantTests::test_integers
+. tests/test_ssl.py::TestRequires::()::test_available
+. tests/test_ssl.py::TestRequires::()::test_unavailable
+. tests/test_tsafe.py::pep8
+. tests/test_tsafe.py::pyflakes
+. tests/test_tsafe.py::ConnectionTest::test_instantiation
+. tests/test_util.py::pep8
+. tests/test_util.py::pyflakes
+. tests/test_util.py::ErrorTests::test_exception_from_error_queue_nonexistent_reason
+. tests/util.py::pep8
+. tests/util.py::pyflakes